Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    DHCP Copy-Machine

    Scheduled Pinned Locked Moved DHCP and DNS
    4 Posts 2 Posters 1.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F Offline
      fwcheck
      last edited by

      We have found the following problem:

      • if you have a dhcp-server sitting behind a pfsense with dhcp-relaying enabled, the pakets incomming to WAN going to the dhcp-server are also relayed to the configured dhcp-servers.

      example:
      wan: 192.168.2.2
      lan: 192.168.1.0/24
      dhcp-server 192.168.1.5
      dhcp-relay  192.168.3.1/ 192.168.3.2

      incoming [dhcp for 192.168.1.5] –> WAN --> dhcp-sever and also relayed to 192.168.3.1 / 192.168.3.2

      The only option to stop flooding with dhcp-request is to change the dhcrelay-options:
      dhcrelay -D -a -m discard -i eth0 eth1  192.168.3.1 192.168.3.2

      This seems to work for us, if a circuit-id is set in the incomming dhcp-paket. As the dhcprelay is started within /etc/inc/services.inc 1842 we modified that line.

      Any other ideas or thoughts on this ?

      1 Reply Last reply Reply Quote 0
      • johnpozJ Offline
        johnpoz LAYER 8 Global Moderator
        last edited by

        huh??

        So your using pfsense as a internal router/firewall and its not doing nat?

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 25.07.1 | Lab VMs 2.8.1, 25.07.1

        1 Reply Last reply Reply Quote 0
        • F Offline
          fwcheck
          last edited by

          Yes, we are not using NAT. I think most users use NAT (SOHO).
          If you are using a firewall in a larger environment this is the case.
          Therefore it would be a good idea to make the dhcp-relay options available.

          1 Reply Last reply Reply Quote 0
          • johnpozJ Offline
            johnpoz LAYER 8 Global Moderator
            last edited by

            dhcp relay is an option..

            as to this?
            "the pakets incomming to WAN going to the dhcp-server are also relayed to the configured dhcp-servers."

            Not unless you enable relay on your pfsense wan interface..

            I would suggest you draw up your network.. If you were using pfsense as a downstream network router why would there be dhcp requests on the tranist network connecting pfsense to your upstream router?

            If your pfsense wan is 192.168.2 – how would dhcp requests for 192.168.1 network be coming into wan?

            So your relay your dhcp across your 192.168.2 transit to 192.168.2.2??  On its way to 192.168.1.5?

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 25.07.1 | Lab VMs 2.8.1, 25.07.1

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.